X-Git-Url: https://iankelling.org/git/?a=blobdiff_plain;ds=sidebyside;f=Mediawiki_Setup_Guide;h=ff7ee77a976dcc1fbc7e7a490847afb0a7f905d2;hb=7af9d44cd30b421b88391a0c755b3631b49c1294;hp=f2436bfbec1207a2ae7f359b73843fab1e809028;hpb=140c14467a7e6d4064a5cf22f8a1e54caeb0991f;p=mediawiki-setup
diff --git a/Mediawiki_Setup_Guide b/Mediawiki_Setup_Guide
index f2436bf..ff7ee77 100644
--- a/Mediawiki_Setup_Guide
+++ b/Mediawiki_Setup_Guide
@@ -1,31 +1,31 @@
== Introduction ==
-'''tldr''': For Gnu/Linux (with a bit of Debian bias), a more concise, holistic and automated install than the official Mediawiki docs. Do some initial configuration then download this page and run it, or execute it as you read.
+'''tldr''': For GNU/Linux (with a bit of Debian bias), a more concise, holistic and automated install than the official Mediawiki docs. Do some initial configuration then download this page and run it, or execute it as you read.
''' Goals / Why use this guide? '''
* Good recommendations. Official docs mostly avoid recommendations among a myriad of possibilities
* Closely references & supplements official documentation
+* Automatic security updates
* Explicit automation support wherever practical
-* Used to setup this site (style optional)
-* Contributions welcome and will be updated/tested on this very site!
-* Support for multiple linux distros
-* Holistic scope (backups, server setup), but sections stand on their own
-* Explicit support for production & local testing instance. Additions for production like https and web analytics.
-* Edits to this page are closely monitored by the original author.
+* Used to setup this site (style is optional)
+* Support for multiple gnu/linux distros
+* Holistic scope (backups, server setup), but sections are independent
+* Code blocks are [https://en.wikipedia.org/wiki/Idempotent idempotent]
+* Edits to this page are tested on this site and reviewed by the main author.
'''Assumptions'''
-* Self hosting, single Linux system with Bash shell
-* Root shell is assumed throughout
-* Code blocks are [https://en.wikipedia.org/wiki/Idempotent idempotent]
+* Self hosting, single GNU/Linux system with root Bash shell
+
'''Version Support'''
Very minor adjustments needed for other distros. Help expand this list.
-* Mediawiki 1.27
-* Debian 8 (tested)
-* Debian testing (tested Aug 7, 2016)
+* Mediawiki 1.28, 1.27 support is planned to be re-added.
+* Debian 8 + backports
+* Debian 8
+* Debian stretch
Pre 5/2016 revisions ran Mediawiki 1.23, tested on Fedora 20 and Ubuntu 14.04.
@@ -35,9 +35,21 @@ Pre 5/2016 revisions ran Mediawiki 1.23, tested on Fedora 20 and Ubuntu 14.04.
The most common route and the one taken by this site is buying a domain name from a site like namecheap, and a cheap vps from companies like linode or digital ocean. They have good getting started guides which mostly apply beyond their own sites.
+'''Install Certbot'''
+
+For debian jessie with backports:
+
+
+For other distros, follow instructions at [https://certbot.eff.org/ certbot.eff.org].
+
'''Email Setup'''
-Setting up email can be an involved process. Mediawiki is perfectly happy to disable email with 1 setting (no password reminders or notifications), but it is a nice feature to have. You could run your own mail server (on the mediawiki server, or elsewhere), or use one of many services which sends mail for very cheap, or free within limits (popular examples [http://www.mailgun.com/ mailgun], [https://mandrillapp.com/ mandrill], [http://www.mailjet.com/pricing mailjet], [https://aws.amazon.com/ses/ aws]), or connect to a full featured send/receive mail provider like [https://fastmail.com fastmail] (this server is setup that way). How we did that is for a future wiki page.
+Setting up email can be an involved process, and this guide assumes that a some program (usually postfix or exim) is implementing a functional sendmail interface. Mediawiki uses email with to send password reminders or notifications, and this guide includes cronjobs for updating mediawiki and doing backups which will send mail in the case of an error. Email is also the recommended way to get notifications of package updates which require manual steps such as restarting of services.
If you are not setting up your server to send mail with a program that uses the default sendmail interface, see these pages when you are configuring mediawiki: [[mediawikiwiki:Manual:$wgEnableEmail|Manual:$wgEnableEmail]], [https://www.mediawiki.org/wiki/Configuration_settings#Email_settings Manual:Email_settings], [[mediawikiwiki:Manual:$wgSMTP|Manual:$wgSMTP]]
@@ -58,7 +70,7 @@ export mwdescription="REPLACE_ME" # eg. Opinionated Free Software Wiki
export wikiuser="REPLACE_ME"
export wikipass=REPLACE_ME
-# root password for the mysql database
+# root & user password for the mysql database
export dbpass=REPLACE_ME
export mwdomain=REPLACE_ME # domain name. for this site, it's ofswiki.org
@@ -77,10 +89,9 @@ EOF
# The rest of this section will work fine with no changes.
-# git branch for mediawiki + extensions.
-# This guide has only been tested with 1_27.
+# git branch for mediawiki + extensions. See intro for supported versions.
# branch names: https://git.wikimedia.org/branches/mediawiki%2Fcore.git
-export mw_branch=REL1_27
+export mw_branch=REL1_28
# As set by gui installer when choosing cc by sa.
export mw_RightsUrl='https://creativecommons.org/licenses/by-sa/4.0/'
@@ -140,7 +151,7 @@ mw-clone() {
local url=$1
local original_pwd="$PWD"
local name
- local re='[^/]*/[^/]*$'
+ local re='[^/]*/[^/]*$' # last 2 parts of path
[[ $url =~ $re ]] ||:
target=$mw/${BASH_REMATCH[0]}
if [[ ! -e $target/.git ]]; then
@@ -158,11 +169,10 @@ mw-clone() {
}
mw-ext () {
local ext
- for ext in "$@"; do
+ for ext; do
mw-clone https://gerrit.wikimedia.org/r/p/mediawiki/extensions/$ext
- if [[ -e $mw/ext/$ext/extension.json ]]; then
- # new style extension. remove old style declaration
- sed -i --follow-symlinks '#^require_once( "\\\$IP/extensions/\$ext/\$ext\.php" );#d' $mwc
+ if [[ -e $mw/extensions/$ext/extension.json ]]; then
+ # new style extension
teeu $mwc </dev/null; then
- # in debian wheezy time-frame distros, mediawiki was packaged.
- apt-get -y install php-apc mediawiki php-mbstring
+ apcu=php5-apcu
+ if apt-get install -s php7.0-apcu &>/dev/null; then
+ apcu=php7.0-apcu
+ fi
+ # mediawiki is packaged in jessie backports & stretch
+ DEBIAN_FRONTEND=noninteractive apt-get -y install $apcu mediawiki
else
# https://www.mediawiki.org/wiki/Manual:Installation_requirements
if apt-get install -s php7.0 &>/dev/null; then
@@ -233,13 +247,15 @@ if isdeb; then
# available in debian 8. it's listed as supported
# in the mediawiki page.
# noninteractive to avoid mysql password prompt.
- DEBIAN_FRONTEND=noninteractive apt-get install -y apache2 mysql-server \
+ DEBIAN_FRONTEND=noninteractive apt-get install -y apache2 \
+ default-mysql-server \
php7.0 php7.0-mysql libapache2-mod-php7.0 php7.0-xml \
php7.0-apcu php7.0-mbstring
else
# note: mbstring is recommended, but it's not available for php5 in
# debian jessie.
- DEBIAN_FRONTEND=noninteractive apt-get install -y apache2 mysql-server \
+ DEBIAN_FRONTEND=noninteractive apt-get install -y apache2 \
+ default-mysql-server \
php5 php5-mysql libapache2-mod-php5 php5-apcu
fi
fi
@@ -256,18 +272,26 @@ else
fi
-# slightly different depending on if we already set the root pass
-if echo exit|mysql -u root -p"$dbpass"; then
- # answer interactive prompts:
- # mysql root pass, change pass? no, remove anon users? (default, yes)
- # disallow remote root (default, yes), reload? (default, yes)
- echo -e "$dbpass\nn\n\n\n\n" | mysql_secure_installation
-else
- # I had 1 less newline at the start when doing ubuntu 14.04,
+# skip if we already set the root pass and are on pre-debian 9.
+if ! echo exit|mysql -uroot "-p$dbpass"; then
+ # Note: we set a root password here, but in debian 9+, it is ignored;
+ # only the local user root can login, and any password is accepted.
+ # We answer these interactive prompts:
+ # Enter current password for root (enter for none):
+ # Set root password? [Y/n]
+ # New password:
+ # Re-enter new password:
+ # Remove anonymous users? [Y/n]
+ # Disallow root login remotely? [Y/n]
+ # Remove test database and access to it? [Y/n]
+ # Reload privilege tables now? [Y/n]
+ # Note, I had 1 less newline at the start when doing ubuntu 14.04,
# compared to debian 8, so can't say this is especially portable.
- # It won't hurt if it fails.
echo -e "\n\n$dbpass\n$dbpass\n\n\n\n\n" | mysql_secure_installation
fi
+mysql -uroot "-p$dbpass" <
@@ -299,6 +323,8 @@ fi
# git branch -r
git checkout -f origin/$mw_branch
git clean -ffxd
+# apply librejs patch
+curl "https://iankelling.org/git/?p=mediawiki-librejs-patch;a=blob_plain;f=mediawiki-1.28-librejs.patch;hb=HEAD" | patch -r - -N -p1
# Get the php libraries wmf uses. Based on:
# https://www.mediawiki.org/wiki/Download_from_Git#Fetch_external_libraries
if [[ ! -e vendor/.git ]]; then
@@ -311,12 +337,12 @@ cd ..
# Drop any previous database which may have been installed while testing.
# If upgrading, we should have a db backup which will get restored.
# https://www.mediawiki.org/wiki/Manual:Upgrading
-mysql -u root -p$dbpass <<'EOF' ||:
+mysql -uroot "-p$dbpass" <<'EOF' ||:
drop database my_wiki;
exit
EOF
php $mw/maintenance/install.php --pass $wikipass --scriptpath /w \
- --dbuser root --dbpass $dbpass "$mwdescription" "$wikiuser"
+ --dbuser wikiuser --dbpass $dbpass "$mwdescription" "$wikiuser"
teeu $mwc <<'EOF'
# lock down the wiki to only the initial owner until anti-spam measures are put in place
# limit edits to registered users
@@ -373,16 +399,13 @@ Here, we use some scripts automate setting up the Let 's Encrypt cert and
the apache config.
@@ -435,7 +458,7 @@ teeu $mwc<
-Settings I recommend which are different than the defaults.
+Settings asked by the gui setup which are different than the install script defaults. They different because the defaults are the most compatible and unobtrusive.
== Install and Configure Mediawiki Extensions ==
@@ -507,15 +534,18 @@ When installing extensions on a wiki with important content, backup first as a p
''' Extensions with no configuration needed '''
-{| class="wikitable"
+{| class="writable"
! Name
! Description
|-
| [[mediawikiwiki:Extension:Cite|Extension:Cite]]
- | Have references in footnotes.
+ | Have references in footnotes*
|-
| [[mediawikiwiki:Extension:CiteThisPage|Extension:CiteThisPage]]
- | Ability to generate citations to pages in a variety of styles.
+ | Ability to generate citations to pages in a variety of styles*
+ |-
+ | [[mediawikiwiki:CheckUser|Extension:CheckUser]]
+ | Get ip addresses from inside mediawiki so you can ban users''
|-
| [[mediawikiwiki:Extension:CSS|Extension:CSS]]
| Allows CSS stylesheets to be included in specific articles
@@ -524,36 +554,41 @@ When installing extensions on a wiki with important content, backup first as a p
| Notification subsystem for usage by other extensions
|-
| [[mediawikiwiki:Extension:Gadgets|Extension:Gadgets]]
- | UI extension system for users
+ | UI extension system for users*
|-
| [[mediawikiwiki:Extension:ImageMap|Extension:ImageMap]]
- | Links for a region of an image
+ | Links for a region of an image*
|-
| [[mediawikiwiki:Extension:Interwiki|Extension:Interwiki]]
- | Tool for nice links to other wikis
+ | Tool for nice links to other wikis*
|-
| [[mediawikiwiki:Extension:News|Extension:News]]
| Embed or rss recent changes
|-
| [[mediawikiwiki:Extension:Nuke|Extension:Nuke]]
- | Mass delete of pages, in the case of spam
+ | Mass delete of pages, in the case of spam*
|-
| [[mediawikiwiki:Extension:ParserFunctions|Extension:ParserFunctions]]
- | Useful for templates
+ | Useful for templates*
|-
| [[mediawikiwiki:Extension:Poem|Extension:Poem]]
- | Useful for formatting things various ways
+ | Useful for formatting things various ways*
+ |-
+ | [[mediawikiwiki:Extension:Renameuser|Extension:Renameuser]]
+ | Allows bureaucrats to rename user accounts*
|-
| [[mediawikiwiki:Extension:SyntaxHighlight_GeSHi|Extension:SyntaxHighlight_GeSHi]]
- | Source code highlighting
+ | Source code highlighting*
|-
| [[mediawikiwiki:Extension:Variables|Extension:Variables]]
| Define per-page variables
|}
+* = Comes with the MediaWiki default download.
+
@@ -566,15 +601,6 @@ sudo -u $apache_user php $mw/extensions/AntiSpoof/maintenance/batchAntiSpoof.php
-''' [[mediawikiwiki:CheckUser|Extension:CheckUser]]: Get ip addresses from inside mediawiki so you can ban users'''
-
-Requires special install steps or we can get into a bad state. Add a sleep like the default of update.php to avoid errors.
-
-
-
'''[[mediawikiwiki:Extension:Wikidiff2|Extension:Wikidiff2]]: Faster and international character supported page diffs'''
I used packaged version since this is a c++ and probably not very tied to the Mediawiki version. This isn't packaged in fedora, haven't gotten around to testing and adding the code to compile it for fedora.
@@ -629,6 +655,8 @@ There is no current list of package depencies so I took dependencies from mediaw
''' [[mediawikiwiki:Extension:SpamBlacklist|Extension:SpamBlacklist]]: Import/create IP blacklists, mainly for spam'''
+Comes with MediaWiki.
+